def initialized(ev):
PTAH = ptah.get_settings(ptah.CFG_ID_PTAH, ev.registry)
# mail
PTAH['Mailer'] = DummyMailer()
PTAH['full_email_address'] = formataddr(
(PTAH['email_from_name'], PTAH['email_from_address']))
# sqla
SQLA = ptah.get_settings(ptah.CFG_ID_SQLA, ev.registry)
url = SQLA['url']
if url:
engine_args = {}
if SQLA['cache']:
cache = {}
engine_args['execution_options'] = \
{'compiled_cache': cache}
SQLA['sqlalchemy_cache'] = cache
try:
engine = sqlahelper.get_engine()
except: # pragma: no cover
engine = sqlalchemy.engine_from_config(
{'sqlalchemy.url': url}, 'sqlalchemy.', **engine_args)
sqlahelper.add_engine(engine)
# ptah manage
if PTAH['manage']:
ev.config.add_route(
'ptah-manage', '/ptah-manage/*traverse',
factory=ptah.manage.PtahManageRoute, use_global_views=True)
ptah.manage.set_access_manager(
ptah.manage.PtahAccessManager())
def initialized(ev):
global maintence
PLOUD = ptah.get_settings("ploud", ev.registry)
APACHE = ptah.get_settings("apache", ev.registry)
if PLOUD["maintenance"]:
maintence = Maintenance(APACHE["host"])
logger.info("Maintenance worker has been started.")
else:
maintence = None
def send_activation(email, token):
mail_template = renderers.get_renderer(
'newui/validate_email.txt').implementation()
MAIL = ptah.get_settings(ptah.CFG_ID_PTAH)
FRONTEND = ptah.get_settings('frontend')
data = dict(host=FRONTEND['host'], email=email, token=token)
msg = MIMEText(str(mail_template(**data)))
msg['Subject'] = 'Activate Your Ploud Account'
msg['From'] = FRONTEND['email_from']
msg['To'] = email
MAIL['Mailer'].send(FRONTEND['email_from'], email, msg)
def send_new_password_email(email, token):
MAIL = ptah.get_settings(ptah.CFG_ID_PTAH)
FRONTEND = ptah.get_settings('frontend')
data = dict(host=FRONTEND['host'], email=email, token=token)
text = renderers.render('ploud.frontend:newui/reset_password.txt', data)
msg = MIMEText(text.encode('utf-8'))
msg['Subject'] = "You've Reset Your Ploud Password"
msg['From'] = FRONTEND['email_from']
msg['To'] = email
MAIL['Mailer'].send(FRONTEND['email_from'], email, msg)
def test_join(self):
from ptahcrowd.provider import CrowdUser
from ptahcrowd.registration import Registration
user = CrowdUser(username='******', email='email')
ptah.get_session().add(user)
ptah.get_session().flush()
class Stub(object):
status = ''
def send(self, frm, to, msg):
Stub.status = 'Email has been sended'
MAIL = ptah.get_settings(ptah.CFG_ID_PTAH)
MAIL['mailer'] = Stub()
request = self.make_request(
POST = {'username': '******',
'email': '*****@*****.**',
'password': '******',
'confirm_password': '******'})
request.environ['HTTP_HOST'] = 'example.com'
form = Registration(None, request)
form.update_form()
res = form.register_handler()
self.assertIsInstance(res, HTTPFound)
self.assertEqual(res.headers['location'],
'http://example.com/login-success.html')
user = ptah.auth_service.get_principal_bylogin('*****@*****.**')
self.assertIsInstance(user, CrowdUser)
self.assertEqual(user.name, 'test')
def test_validation_auth_checker_validation(self):
from ptahcrowd.validation import validationAndSuspendedChecker
principal = Principal('1', 'user', '*****@*****.**')
cfg = ptah.get_settings(ptahcrowd.CFG_ID_CROWD)
# validation disabled
info = AuthInfo(principal, True)
cfg['validation'] = False
self.assertTrue(validationAndSuspendedChecker(info))
info = AuthInfo(principal, True)
cfg['allow-unvalidated'] = False
self.assertTrue(validationAndSuspendedChecker(info))
# validation enabled
info = AuthInfo(principal, True)
cfg['validation'] = True
cfg['allow-unvalidated'] = False
self.assertFalse(validationAndSuspendedChecker(info))
self.assertEqual(info.message, 'Account is not validated.')
info = AuthInfo(principal, True)
cfg['allow-unvalidated'] = True
self.assertTrue(validationAndSuspendedChecker(info))
# validated
principal.validated = True
info = AuthInfo(principal, True)
cfg['validation'] = True
self.assertTrue(validationAndSuspendedChecker(info))
def test_login_unvalidated(self):
from ptahcrowd import login
from ptahcrowd.provider import CrowdUser
user = CrowdUser(username='******',
email='email',
password='******')
CrowdUser.__type__.add(user)
user.validated = False
cfg = ptah.get_settings(ptahcrowd.CFG_ID_CROWD)
cfg['allow-unvalidated'] = False
request = self.make_request(POST={
'login': '******',
'password': '******'
})
request.environ['HTTP_HOST'] = 'example.com'
form = login.LoginForm(None, request)
form.update_form()
form.login_handler()
self.assertIn('Account is not validated.', request.render_messages())
def facebook_process(request):
"""Process the facebook redirect"""
if request.GET.get('state') != request.session.get('facebook_state'):
raise CSRFError(
"CSRF Validation check failed. Request state %s is "
"not the same as session state %s" %
(request.GET.get('state'), request.session.get('state')))
del request.session['facebook_state']
code = request.GET.get('code')
if not code:
reason = request.GET.get('error_reason', 'No reason provided.')
return AuthenticationDenied(reason)
cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)
client_id = cfg['facebook_id']
client_secret = cfg['facebook_secret']
# Now retrieve the access token with the code
access_url = '{0}?{1}'.format(
'https://graph.facebook.com/oauth/access_token',
url_encode({
'client_id': client_id,
'client_secret': client_secret,
'redirect_uri': request.route_url('facebook_process'),
'code': code
}))
r = requests.get(access_url)
if r.status_code != 200:
raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))
access_token = urlparse.parse_qs(r.content)['access_token'][0]
entry = Storage.get_by_token(access_token)
if entry is not None:
return FacebookAuthenticationComplete(entry)
# Retrieve profile data
graph_url = '{0}?{1}'.format('https://graph.facebook.com/me',
url_encode({'access_token': access_token}))
r = requests.get(graph_url)
if r.status_code != 200:
raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))
profile = json.loads(r.content)
id = profile['id']
name = profile['name']
email = profile.get('email', '')
verified = profile.get('verified', False)
entry = Storage.create(access_token,
'facebook',
uid='{0}:{1}'.format('facebook', id),
name=name,
email=email,
verified=verified,
profile=profile)
return FacebookAuthenticationComplete(entry)
def register_handler(self):
data, errors = self.extract()
if errors:
self.add_error_message(errors)
return
user = self.create(data)
self.request.registry.notify(PrincipalRegisteredEvent(user))
self.cfg = ptah.get_settings(CFG_ID_CROWD, self.request.registry)
# validation
if self.cfg['validation']:
initiate_email_validation(user.email, user, self.request)
self.request.add_message('Validation email has been sent.')
if not self.cfg['allow-unvalidated']:
return HTTPFound(location=self.request.application_url)
# authenticate
info = ptah.auth_service.authenticate(
{'login': user.username, 'password': user.password})
if info.status:
headers = security.remember(self.request, info.__uri__)
return HTTPFound(
location='%s/login-success.html'%self.request.application_url,
headers = headers)
else:
self.request.add_message(info.message) # pragma: no cover
def get_user_type(registry=None):
cfg = ptah.get_settings(CFG_ID_CROWD, registry)
tp = cfg['type']
if not tp.startswith('type:'):
tp = 'type:{0}'.format(tp)
return ptah.resolve(tp)
def loginHandler(self):
data, errors = self.extract()
if errors:
self.message(errors, 'form-error')
return
host = self.request.matchdict['site']
data = '%s::%s'%(data['login'], data['password'])
tid = token.service.generate(TOKEN_TYPE, data)
transaction.commit()
try:
SSO = ptah.get_settings('ploud-login', self.request.registry)
conn = httplib.HTTPConnection(SSO['backend'], timeout=2)
conn.connect()
conn.putrequest(
'GET', '/__maintenance__/check-credentials,%s/Plone'%tid,
skip_host=True, skip_accept_encoding=True)
conn.putheader('Host', host)
conn.endheaders()
resp = conn.getresponse()
data = resp.read().strip()
except:
self.message(
"Can't connect to target host. Please try again later.",'warning')
token.service.remove(tid)
return
if data == 'success':
return HTTPFound(location='http://%s/authToken?token=%s'%(host, tid))
token.service.remove(tid)
self.message("Login or password are wrong.")
def test_manage_access_manager_role(self):
from ptah.manage.manage import PtahAccessManager
class Principal(object):
id = 'test-user'
login = '******'
principal = Principal()
@ptah.resolver('test')
def principalResolver(uri):
return principal
self.init_ptah()
orig_lr = ptah.get_local_roles
def get_lr(userid, request, context):
if userid == 'test:user':
return ('Manager',)
return ()
ptah.get_local_roles = get_lr
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, self.registry)
cfg['manager_role'] = 'Manager'
self.assertTrue(PtahAccessManager()('test:user', self.request))
self.assertFalse(PtahAccessManager()('test:user2', self.request))
ptah.get_local_roles = orig_lr
def test_forbidden_custom_login(self):
import ptahcrowd
from ptahcrowd.forbidden import Forbidden
class Context(object):
""" """
request = self.make_request()
request.url = 'http://example.com'
request.root = Context()
CFG = ptah.get_settings(ptahcrowd.CFG_ID_CROWD, self.registry)
CFG['login-url'] = '/custom-login.html'
excview = Forbidden(HTTPForbidden(), request)
excview.update()
res = request.response
self.assertIs(excview.__parent__, request.root)
self.assertEqual(res.status, '302 Found')
self.assertEqual(
text_(res.headers['location']),
'http://example.com/custom-login.html?came_from=http%3A%2F%2Fexample.com'
)
def test_join_unvalidated(self):
import ptahcrowd
from ptahcrowd.provider import CrowdUser
from ptahcrowd.registration import Registration
user = CrowdUser(username='******', email='email')
ptah.get_session().add(user)
ptah.get_session().flush()
CROWD = ptah.get_settings(ptahcrowd.CFG_ID_CROWD)
CROWD['allow-unvalidated'] = False
request = self.make_request(
POST = {'username': '******',
'email': '*****@*****.**',
'password': '******',
'confirm_password': '******'})
form = Registration(None, request)
form.update_form()
res = form.register_handler()
self.assertIsInstance(res, HTTPFound)
self.assertEqual(res.headers['location'], 'http://example.com')
user = ptah.auth_service.get_principal_bylogin('*****@*****.**')
self.assertIsInstance(user, CrowdUser)
self.assertEqual(user.username, 'test')
self.assertIn('Validation email has been sent.',
request.render_messages())
def get_user_type(registry=None):
cfg = ptah.get_settings(CFG_ID_CROWD, registry)
tp = cfg["type"]
if not tp.startswith("type:"):
tp = "type:{0}".format(tp)
return ptah.resolve(tp)
def test_settings_group_multiple_validation(self):
def validator1(fs, appstruct):
raise ptah.form.Invalid('Error1', fs['node1'])
def validator2(fs, appstruct):
raise ptah.form.Invalid('Error2', fs['node2'])
node1 = ptah.form.TextField('node1', default='test')
node2 = ptah.form.TextField('node2', default='test')
ptah.register_settings('group3',
node1,
node2,
validator=(validator1, validator2))
self.init_ptah()
group = ptah.get_settings('group3', self.registry)
data, err = group.extract({
'group3.node1': 'value',
'group3.node2': 'value'
})
self.assertEqual(err.msg, {'group3': text_type(['Error1', 'Error2'])})
def extract(self, default=null):
date = self.params.get(self.date_name, default)
if date is default:
return default
if not date:
return null
time = self.params.get(self.time_name, default)
if time is default:
return default
if not time:
return null
FORMAT = ptah.get_settings(ptah.CFG_ID_FORMAT, self.request.registry)
try:
dt = datetime.datetime.strptime(
'%s %s' % (date, time), '%m/%d/%Y %H:%M')
except ValueError:
try:
dt = datetime.datetime.strptime(
'%s %s' % (date, time), '%m/%d/%Y %I:%M %p')
except ValueError:
return null
return dt.replace(tzinfo=self.tzinfo).isoformat()
def _make_app(self, request=None):
from ptah.manage.manage import PtahManageRoute
class Principal(object):
id = 'test-user'
uri = 'test:user'
login = '******'
principal = Principal()
@ptah.resolver('test')
def principalResolver(uri):
return principal
@ptah.principal_searcher('test')
def principalSearcher(term):
return (principal, )
cms.ApplicationFactory(TestApp1, '/test1', 'app1', 'Root App 1')
cms.ApplicationFactory(TestApp2, '/test2', 'app2', 'Root App 2')
self.TestRole = ptah.Role('test', 'Test role')
self.init_ptah()
if request is None:
request = DummyRequest()
ptah.auth_service.set_userid(ptah.SUPERUSER_URI)
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, self.registry)
cfg['managers'] = ('*', )
mr = PtahManageRoute(request)
mod = mr['apps']
return mod['app1']
def get_manage_url(request):
url = request.application_url
if url.endswith('/'):
url = url[:-1]
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, request.registry)
return '{0}/{1}'.format(url, cfg['manage'])
def test_settings_initialize_load_settings_include(self):
from ptah.settings import init_settings
path = os.path.join(self.dir, 'settings.cfg')
f = open(path, 'wb')
f.write(bytes_('[DEFAULT]\ngroup.node1 = value\n\n','ascii'))
f.close()
node1 = ptah.form.TextField(
'node1',
default = 'default1')
node2 = ptah.form.IntegerField(
'node2',
default = 10)
ptah.register_settings('group', node1, node2)
self.init_ptah()
init_settings(self.config, {'include': path})
group = ptah.get_settings('group', self.request.registry)
self.assertEqual(group['node1'], 'value')
self.assertEqual(group['node2'], 10)
def msg_init(self, data):
cfg = ptah.get_settings(CFG_ID_AUTH)
self.send('config', {'id': self.id,
'facebook': cfg['facebook_id'],
'google': cfg['google_id'],
'gihub': cfg['github_id']})
def test_settings_export(self):
field1 = ptah.form.TextField('node1', default='test')
field2 = ptah.form.TextField('node2', default='test1')
ptah.register_settings('group4', field1, field2)
self.init_ptah(initsettings=True)
settings = get_settings_ob()
# changed settings
self.assertEqual(settings.export(), {})
# default settings
data = settings.export(default=True)
self.assertIn('group4.node1', data)
self.assertIn('group4.node2', data)
self.assertEqual(data['group4.node1'], '"test"')
self.assertEqual(data['group4.node2'], '"test1"')
# changed settings
group = ptah.get_settings('group4', self.registry)
group['node2'] = 'changed'
data = dict(settings.export())
self.assertEqual(data['group4.node2'], '"changed"')
def verify_handler(self):
data, errors = self.extract()
if errors:
self.message(errors, 'form-error')
return
entry = self.entry
request = self.request
new_user = False
email = data['email']
user = self.session.query(ptahcrowd.CrowdUser).filter(
ptahcrowd.CrowdUser.email == email).first()
if user is None:
new_user = True
# create user
tinfo = ptahcrowd.get_user_type()
user = tinfo.create(
name=entry.name,
login=email,
email=email,
password=entry.access_token)
tinfo.add(user)
# fixme: temporary
ptah.get_session().flush()
uri = user.__uri__
entry.uri = uri
entry.email = email
else:
uri = user.__uri__
data = {'uri': uri,
'email': email,
'uid': entry.uid}
t = ptah.token.service.generate(TOKEN_TYPE, json.dumps(data))
template = VerifyTemplate(entry, request, email=email, token=t)
template.send()
# login
if new_user:
self.message('Email verification email has been sent.')
cfg = ptah.get_settings(ptahcrowd.CFG_ID_CROWD, request.registry)
if cfg['validation']:
if cfg['allow-unvalidated']:
entry.uri = uri
return login(uri, request)
else:
entry.uri = uri
return login(uri, request)
else:
self.message('User with this email already exists. '
'You have to verify email before you can login.')
return HTTPFound(location=request.application_url)
def build_hb_bundle(name, intr, registry):
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, registry)
node_path = cfg['nodejs-path']
if not node_path:
node_path = NODE_PATH
if not node_path:
raise RuntimeError("Can't find nodejs")
path = intr['abs_path']
templates = []
for bname in os.listdir(path):
bdir = os.path.join(path, bname)
if not os.path.isdir(bdir):
continue
mustache = []
for tname in os.listdir(bdir):
if tname.endswith(ext_mustache) and tname[0] not in ('.#~'):
fname = os.path.join(bdir, tname)
tmpl = compile_template(fname, node_path)
if tmpl:
mustache.append('"%s":Handlebars.template(%s)'%(
tname.rsplit('.', 1)[0], tmpl))
templates.append(
'"%s":new ptah.Templates("%s",{%s})'%(
bname, bname, ','.join(mustache)))
name = str(name)
return template%(name, ',\n'.join(templates), name)
def get_user_type(registry=None):
cfg = ptah.get_settings(CFG_ID_CROWD, registry)
tp = cfg['type']
if not tp.startswith('type:'):
tp = 'type:{0}'.format(tp)
return ptah.resolve(tp)
def update(self):
super(FrontendLayout, self).update()
self.principal = principal = authenticated_userid(self.request)
self.user = User.getByURI(principal)
self.isanon = not self.user
if principal and self.user is None:
headers = forget(self.request)
return HTTPFound(location='/', headers=headers)
if not self.isanon:
self.membership = self.user.membership_label()
self.policy = POLICIES.get(self.user.type, 0)
if self.user.type in (1, 2):
self.policy_id = self.user.type
else:
self.policy_id = 'free'
price = config.PRICES.get(self.policy.id, 'free')
if price == 'free':
self.price = 'free'
else:
self.price = '$%s'%price
self.removes = self.policy.removes - self.user.removes
self.transfers = self.policy.transfers - self.user.transfers
sites = len([s for s in self.user.sites if not s.removed])
self.sites = self.policy.sites - sites
MANAGE = ptah.get_settings(ptah.CFG_ID_PTAH, self.request.registry)
self.manager = self.user.email in MANAGE['managers']
self.principal = self.user.email
def render_amd_includes(request, spec='', bundles=()):
registry = request.registry
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, request.registry)
ptah.include(request, 'curl')
c_tmpls = []
if spec and cfg['amd-spec-enabled']:
specstorage = request.registry.get(ID_AMD_SPEC, {})
specdata = specstorage.get(spec)
if specdata is None:
raise RuntimeError("Spec '%s' is not found."%spec)
else:
spec = '_'
specdata = ()
for name in (bundles if not isinstance(bundles, str) else (bundles,)):
name = '%s.js'%name
if name in specdata:
c_tmpls.append(
'<script src="%s"></script>'%
request.route_url('ptah-amd-spec',specname=spec,name=name))
return amd_incl%{'app_url': request.application_url,
'specname': spec,
'components': '\n'.join(c_tmpls)}
def list_models(self):
cfg = ptah.get_settings(ptah.CFG_ID_PTAH)
disabled = cfg['disable_models']
types = []
for ti in ptah.get_types().values():
types.append(
{'name': ti.__uri__,
'title': ti.title,
'description': ti.description,
'disabled': ti.__uri__ in disabled,
'cls': ti.cls})
for ti in sorted(types, key=lambda item:item['name']):
print (grpTitleWrap.fill(
'{name}: {title} (disabled: {disabled})'.format(**ti)))
if ti['description']:
print (grpDescriptionWrap.fill(ti['description']))
print('')
cls = ti['cls']
print(grpDescriptionWrap.fill('class: {0}'.format(cls.__name__)))
print(grpDescriptionWrap.fill('module: {0}'.format(cls.__module__)))
print(' file: ', sys.modules[cls.__module__].__file__)
print('\n')
def test_manage_disable_modules_traverse(self):
from ptah.manage.manage import \
module, PtahModule, PtahManageRoute, set_access_manager
@module('test-module')
class TestModule(PtahModule):
""" module description """
title = 'Test module'
def accessManager(id, request):
return True
self.init_ptah()
set_access_manager(accessManager)
ptah.auth_service.set_userid('test-user')
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, self.registry)
cfg['disable_modules'] = ('test-module', )
request = DummyRequest()
route = PtahManageRoute(request)
self.assertRaises(KeyError, route.__getitem__, 'test-module')
def test_manage_disable_modules(self):
from ptah.manage.manage import \
module, PtahModule, PtahManageRoute, ManageView, set_access_manager
@module('test-module')
class TestModule(PtahModule):
""" module description """
title = 'Test module'
def accessManager(id, request):
return True
self.init_ptah()
set_access_manager(accessManager)
ptah.auth_service.set_userid('test-user')
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, self.registry)
cfg['disable_modules'] = ('test-module', )
request = DummyRequest()
route = PtahManageRoute(request)
view = ManageView(route, request)
view.update()
for mod in view.modules:
self.assertFalse(isinstance(mod, TestModule))
def rebalance():
ploud_config.initializeConfig()
APACHE = ptah.get_settings('apache')
file = APACHE['lbfile']
processes = APACHE['processes']
conn = ploud_config.PLOUD_POOL.getconn()
c1 = conn.cursor()
c1.execute("SELECT vhost.host,sites.bwin,sites.bwout,sites.site_name FROM vhost, sites "
"WHERE vhost.id = sites.id and sites.disabled = %s ORDER by sites.id",(False,))
db = bsddb.hashopen(file, 'w')
data = [(bwin+bwout, host, name) for host, bwin, bwout, name in c1.fetchall()]
data.sort()
i = 1
for size, host, name in data:
db[host] = str(i)
db[name] = str(i)
i = i + 1
if i > processes:
i = 1
print 'Rebalancing is done.'
db.close()
c1.close()
conn.close()
def test_manage_disable_modules_traverse(self):
from ptah.manage.manage import \
module, PtahModule, PtahManageRoute, set_access_manager
@module('test-module')
class TestModule(PtahModule):
""" module description """
title = 'Test module'
def accessManager(id, request):
return True
self.init_ptah()
set_access_manager(accessManager)
ptah.auth_service.set_userid('test-user')
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, self.registry)
cfg['disable_modules'] = ('test-module',)
request = DummyRequest()
route = PtahManageRoute(request)
self.assertRaises(KeyError, route.__getitem__, 'test-module')
def create(self):
data, errors = self.extract()
if errors:
self.add_error_message(errors)
return
# create user
cfg = ptah.get_settings(ptahcrowd.CFG_ID_CROWD, self.request.registry)
tp = cfg['type']
if not tp.startswith('type:'):
tp = 'type:{0}'.format(tp)
tinfo = ptah.resolve(tp)
user = tinfo.create(fullname=data['fullname'],
username=data['username'],
email=data['email'],
validated=data['validated'],
suspended=data['suspended'])
user.password = ptah.pwd_tool.encode(data['password'])
tinfo.add(user)
# notify system
self.request.registry.notify(ptah.events.PrincipalAddedEvent(user))
self.request.add_message('User has been created.', 'success')
return HTTPFound(location='.')
def test_settings_export(self):
field1 = ptah.form.TextField(
'node1',
default = 'test')
field2 = ptah.form.TextField(
'node2',
default = 'test1')
ptah.register_settings('group4', field1, field2)
self.init_ptah(initsettings=True)
settings = get_settings_ob()
# changed settings
self.assertEqual(settings.export(), {})
# default settings
data = settings.export(default=True)
self.assertIn('group4.node1', data)
self.assertIn('group4.node2', data)
self.assertEqual(data['group4.node1'], '"test"')
self.assertEqual(data['group4.node2'], '"test1"')
# changed settings
group = ptah.get_settings('group4', self.registry)
group['node2'] = 'changed'
data = dict(settings.export())
self.assertEqual(data['group4.node2'], '"changed"')
def test_settings_group_multiple_validation(self):
def validator1(fs, appstruct):
raise ptah.form.Invalid('Error1', fs['node1'])
def validator2(fs, appstruct):
raise ptah.form.Invalid('Error2', fs['node2'])
node1 = ptah.form.TextField(
'node1',
default = 'test')
node2 = ptah.form.TextField(
'node2',
default = 'test')
ptah.register_settings(
'group3', node1, node2, validator=(validator1, validator2))
self.init_ptah()
group = ptah.get_settings('group3', self.registry)
data, err = group.extract({
'group3.node1': 'value',
'group3.node2': 'value'})
self.assertEqual(err.msg, {'group3': text_type(['Error1', 'Error2'])})
def test_manage_access_manager_role(self):
from ptah.manage.manage import PtahAccessManager
class Principal(object):
id = "test-user"
login = "******"
principal = Principal()
@ptah.resolver("test")
def principalResolver(uri):
return principal
self.init_ptah()
orig_lr = ptah.get_local_roles
def get_lr(userid, request, context):
if userid == "test:user":
return ("Manager",)
return ()
ptah.get_local_roles = get_lr
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, self.registry)
cfg["manager_role"] = "Manager"
self.assertTrue(PtahAccessManager()("test:user", self.request))
self.assertFalse(PtahAccessManager()("test:user2", self.request))
ptah.get_local_roles = orig_lr
def create(self):
data, errors = self.extract()
if errors:
self.add_error_message(errors)
return
# create user
cfg = ptah.get_settings(ptahcrowd.CFG_ID_CROWD, self.request.registry)
tp = cfg['type']
if not tp.startswith('type:'):
tp = 'type:{0}'.format(tp)
tinfo = ptah.resolve(tp)
user = tinfo.create(
fullname=data['fullname'], username=data['username'], email=data['email'],
validated=data['validated'], suspended=data['suspended'])
user.password = ptah.pwd_tool.encode(data['password'])
tinfo.add(user)
# notify system
self.request.registry.notify(ptah.events.PrincipalAddedEvent(user))
self.request.add_message('User has been created.', 'success')
return HTTPFound(location='.')
def register_handler(self):
data, errors = self.extract()
if errors:
self.add_error_message(errors)
return
user = self.create(data)
self.request.registry.notify(PrincipalRegisteredEvent(user))
self.cfg = ptah.get_settings(CFG_ID_CROWD, self.request.registry)
# validation
if self.cfg['validation']:
initiate_email_validation(user, self.request)
self.request.add_message('Validation email has been sent.')
if not self.cfg['allow-unvalidated']:
return HTTPFound(location=self.request.application_url)
# authenticate
info = ptah.auth_service.authenticate(
{'login': user.username, 'password': user.password})
if info.status:
headers = security.remember(self.request, info.__uri__)
return HTTPFound(
location='%s/login-success.html'%self.request.application_url,
headers = headers)
else:
self.request.add_message(info.message) # pragma: no cover
def get_manage_url(request):
url = request.application_url
if url.endswith('/'):
url = url[:-1]
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, request.registry)
return '{0}/{1}'.format(url, cfg['manage'])
def test_manage_disable_modules(self):
from ptah.manage.manage import module, PtahModule, PtahManageRoute, ManageView, set_access_manager
@module("test-module")
class TestModule(PtahModule):
""" module description """
title = "Test module"
def accessManager(id, request):
return True
self.init_ptah()
set_access_manager(accessManager)
ptah.auth_service.set_userid("test-user")
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, self.registry)
cfg["disable_modules"] = ("test-module",)
request = DummyRequest()
route = PtahManageRoute(request)
view = ManageView(route, request)
view.update()
for mod in view.modules:
self.assertFalse(isinstance(mod, TestModule))
def test_manage_enable_modules_traverse(self):
from ptah.manage.manage import module, PtahModule, PtahManageRoute, set_access_manager
@module("test-module1")
class TestModule1(PtahModule):
title = "Test module1"
@module("test-module2")
class TestModule2(PtahModule):
title = "Test module2"
def accessManager(id, request):
return True
self.init_ptah()
set_access_manager(accessManager)
ptah.auth_service.set_userid("test-user")
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, self.registry)
cfg["enable_modules"] = ("test-module1",)
request = DummyRequest()
route = PtahManageRoute(request)
self.assertIsNotNone(route["test-module1"])
self.assertRaises(KeyError, route.__getitem__, "test-module2")
def initialized(ev):
global PLOUD_DSN, CLIENTS_DSN
global PLOUD_POOL, CLIENTS_POOL
def parse_dsn(s):
params = {}
s = s.split('//', 1)[-1]
if '@' in s:
head, tail = s.split('@', 1)
user, passwd = head.split(':', 1)
host, dbname = tail.split('/', 1)
else:
user = passwd = host = dbname = ''
params['user'] = user
params['password'] = passwd
params['host'] = host
params['database'] = dbname
return params
PLOUD = ptah.get_settings('ploud', ev.registry)
PLOUD_DSN = parse_dsn(PLOUD['dsn'])
CLIENTS_DSN = parse_dsn(PLOUD['clientsdsn'])
# Init ploud connections pool
PLOUD_POOL = psycopg2.pool.ThreadedConnectionPool(0, 8, **PLOUD_DSN)
CLIENTS_POOL = psycopg2.pool.ThreadedConnectionPool(0, 10, **CLIENTS_DSN)
def create(self):
data, errors = self.extract()
if errors:
self.message(errors, "form-error")
return
# create user
cfg = ptah.get_settings(ptahcrowd.CFG_ID_CROWD, self.request.registry)
tp = cfg["type"]
if not tp.startswith("type:"):
tp = "type:{0}".format(tp)
tinfo = ptah.resolve(tp)
user = tinfo.create(
name=data["name"],
login=data["login"],
email=data["login"],
validated=data["validated"],
suspended=data["suspended"],
)
user.password = ptah.pwd_tool.encode(data["password"])
tinfo.add(user)
# notify system
self.request.registry.notify(ptah.events.PrincipalAddedEvent(user))
self.message("User has been created.", "success")
return HTTPFound(location=".")
def test_dummy_mailer(self):
from ptah.ptahsettings import DummyMailer
PTAH = ptah.get_settings(ptah.CFG_ID_PTAH, self.registry)
self.assertIsInstance(PTAH['mailer'], DummyMailer)
PTAH['mailer'].send('*****@*****.**', '*****@*****.**', 'msg')
def update(self):
request = self.request
context = getattr(request, 'context', None)
if context is None:
context = getattr(request, 'root', None)
if context is None:
root_factory = request.registry.queryUtility(
IRootFactory, default=DefaultRootFactory)
context = root_factory(request)
request.root = context
self.__parent__ = context
CFG = ptah.get_settings(ptahcrowd.CFG_ID_CROWD, self.request.registry)
user = ptah.auth_service.get_userid()
if user is not None:
user = ptah.auth_service.get_current_principal()
if user is None:
request.response.headers = security.forget(request)
if user is None:
loginurl = CFG['login-url']
if loginurl and not loginurl.startswith(('http://', 'https://')):
loginurl = self.application_url + loginurl
elif not loginurl:
loginurl = self.application_url + '/login.html'
location = '%s?%s' % (loginurl,
url_encode({'came_from': request.url}))
request.add_message(
_('To access this part of the site, you need to log in with your credentials.'
), 'info')
response = request.response
response.status = HTTPFound.code
response.headers['location'] = location
return response
PTAH = ptah.get_settings(ptah.CFG_ID_PTAH, self.request.registry)
self.email_address = PTAH['email_from_address']
self.request.response.status = HTTPForbidden.code
def initialized(ev):
PTAH = ptah.get_settings(ptah.CFG_ID_PTAH, ev.registry)
# mail
if PTAH.get('mailer') is None:
PTAH['mailer'] = DummyMailer()
PTAH['full_email_address'] = formataddr(
(PTAH['email_from_name'], PTAH['email_from_address']))
def test_password_encode(self):
self.init_ptah()
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, self.registry)
cfg['pwd_manager'] = 'plain'
encoded = ptah.pwd_tool.encode('12345')
self.assertEqual(encoded, '{plain}12345')
def update(self):
cfg = ptah.get_settings(CFG_ID_CROWD, self.request.registry)
self.app_url = self.application_url
self.join = cfg['join']
joinurl = cfg['join-url']
if joinurl:
self.joinurl = joinurl
else:
self.joinurl = self.request.route_url('ptahcrowd-join')
if ptah.auth_service.get_userid():
return HTTPFound(location=self.get_success_url())
cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, self.request.registry)
self.providers = cfg['providers']
return super(LoginForm, self).update()
def _create_default_group(self):
node1 = ptah.form.TextField('node1', default='default1')
node2 = ptah.form.IntegerField('node2', default=10)
ptah.register_settings('group', node1, node2)
self.init_ptah(initsettings=True)
return ptah.get_settings('group', self.registry)
def Api(request):
""" Rest API interface """
response = request.response
# authentication by token
token = request.environ.get('HTTP_X_AUTH_TOKEN')
if token:
secret = ptah.get_settings(ptah.CFG_ID_PTAH, request.registry)['secret']
try:
timestamp, userid, tokens, user_data = parse_ticket(
secret, '%s!' % token, '0.0.0.0')
except BadTicket:
userid = None
if userid:
ptah.auth_service.set_userid(userid)
# search service and action
service = request.matchdict['service']
subpath = request.matchdict['subpath']
if subpath:
action = subpath[0]
arguments = subpath[1:]
if ':' in action:
action, arg = action.split(':', 1)
arguments = (arg,) + arguments
else:
action = 'apidoc'
arguments = ()
request.environ['SCRIPT_NAME'] = '/__rest__/%s' % service
response.headerslist = {'Content-Type': 'application/json'}
# execute action for specific service
try:
result = config.get_cfg_storage(ID_REST)[service](
request, action, *arguments)
except WSGIHTTPException as exc:
response.status = exc.status
result = {'message': str(exc)}
except Exception as exc:
response.status = 500
out = NativeIO()
traceback.print_exc(file=out)
result = {'message': str(exc),
'traceback': out.getvalue()}
if isinstance(result, Response):
return result
response.text = text_(
dumps(result, indent=True, default=dthandler), 'utf-8')
return response
def test_password_check(self):
self.init_ptah()
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, self.registry)
cfg['pwd_manager'] = 'ssha'
self.assertFalse(ptah.pwd_tool.check('12345', '12345'))
self.assertTrue(ptah.pwd_tool.check('{plain}12345', '12345'))
self.assertFalse(ptah.pwd_tool.check('{plain}12345', '123455'))
self.assertFalse(ptah.pwd_tool.check('{unknown}12345', '123455'))
def update(self):
uri = ptah.auth_service.get_userid()
if uri is not None:
return HTTPFound(location = self.request.application_url)
self.cfg = ptah.get_settings(CFG_ID_CROWD, self.request.registry)
if not self.cfg['join'] or not self.cfg['type']:
return HTTPForbidden('Site registraion is disabled.')
return super(Registration, self).update()
def test_local_role_default_roles_for_non_localaware(self):
from ptah import security
cfg = ptah.get_settings(ptah.CFG_ID_PTAH)
cfg['default_roles'] = ['role1', 'role2']
content = Content()
roles = security.get_local_roles('userid', context=content)
self.assertIn('role1', roles)
self.assertIn('role2', roles)
def update(self):
grp = ptah.get_settings(self.params['__group__'],
self.request.registry)
self.context = grp
self.title = grp.__title__
self.description = grp.__description__
self.fields = grp.__fields__.omit(*grp.__ttw_skip_fields__)
super(GroupEditForm, self).update()
def update(self):
cfg = ptah.get_settings(ptah.CFG_ID_PTAH, self.request.registry)
types = []
for ti in cms.get_types().values():
if ti.__uri__ in cfg['disable_models']:
continue
types.append((ti.title, ti))
self.types = [f for _t, f in sorted(types)]
def __init__(self, context, request, **kwargs):
self.__dict__.update(kwargs)
self.context = context
self.request = request
self.cfg = ptah.get_settings(ptah.CFG_ID_PTAH, request.registry)
self._files = []
self._headers = {}
self._alternative = []
